Total
2385 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18660 | 1 Google | 1 Android | 2020-04-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in tlc_server. The Samsung ID is SVE-2017-8888 (July 2017). | |||||
| CVE-2017-18661 | 1 Google | 1 Android | 2020-04-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in process_cipher_tdea. The Samsung ID is SVE-2017-8973 (July 2017). | |||||
| CVE-2020-5734 | 1 Solarwinds | 1 Dameware | 2020-04-07 | 4.3 MEDIUM | 7.5 HIGH |
| Classic buffer overflow in SolarWinds Dameware allows a remote, unauthenticated attacker to cause a denial of service by sending a large 'SigPubkeyLen' during ECDH key exchange. | |||||
| CVE-2020-8423 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2020-04-06 | 9.0 HIGH | 7.2 HIGH |
| A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network. | |||||
| CVE-2020-10599 | 1 Visam | 2 Vbase Editor, Vbase Web-remote | 2020-04-06 | 7.5 HIGH | 9.8 CRITICAL |
| VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow a vulnerable ActiveX component to be exploited resulting in a buffer overflow, which may lead to a denial-of-service condition and execution of arbitrary code. | |||||
| CVE-2020-10595 | 2 Debian, Pam-krb5 Project | 2 Debian Linux, Pam-krb5 | 2020-04-04 | 7.5 HIGH | 9.8 CRITICAL |
| pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a carefully chosen length. The effect may range from heap corruption to stack corruption depending on the structure of the underlying Kerberos library, with unknown effects but possibly including code execution. This code path is not used for normal authentication, but only when the Kerberos library does supplemental prompting, such as with PKINIT or when using the non-standard no_prompt PAM configuration option. | |||||
| CVE-2020-9067 | 1 Huawei | 6 Smartax Ea5800, Smartax Ea5800 Firmware, Smartax Ma5600t and 3 more | 2020-04-03 | 5.2 MEDIUM | 8.0 HIGH |
| There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited by an attacker to perform remote code execution on the affected products when the affected product functions as an optical line terminal (OLT). Affected product versions include:SmartAX MA5600T versions V800R013C10, V800R015C00, V800R015C10, V800R017C00, V800R017C10, V800R018C00, V800R018C10; SmartAX MA5800 versions V100R017C00, V100R017C10, V100R018C00, V100R018C10, V100R019C10; SmartAX EA5800 versions V100R018C00, V100R018C10, V100R019C10. | |||||
| CVE-2020-3911 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2020-04-02 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. | |||||
| CVE-2020-3910 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2020-04-02 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. | |||||
| CVE-1999-0385 | 1 Microsoft | 1 Exchange Server | 2020-04-02 | 10.0 HIGH | N/A |
| The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. | |||||
| CVE-2015-5684 | 1 Lenovo | 54 B50-10, B50-10 Firmware, Edge 15 and 51 more | 2020-04-01 | 10.0 HIGH | 9.8 CRITICAL |
| MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflow vulnerability was reported, (fixed and publicly disclosed in 2015) in the Lenovo Service Engine (LSE), affecting various versions of BIOS for Lenovo Notebooks, that could allow a remote user to execute arbitrary code on the system. | |||||
| CVE-2020-6999 | 1 Moxa | 2 Mds-g516e, Mds-g516e Firmware | 2020-03-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer. | |||||
| CVE-2019-20578 | 2 Google, Samsung | 2 Android, Exynos 9820 | 2020-03-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with P(9.0) (Exynos 9820 chipsets) software. A Buffer overflow occurs when loading the UH Partition during Secure Boot. The Samsung ID is SVE-2019-14412 (August 2019). | |||||
| CVE-2020-10931 | 1 Memcached | 1 Memcached | 2020-03-27 | 5.0 MEDIUM | 7.5 HIGH |
| Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c. | |||||
| CVE-2019-20572 | 2 Google, Samsung | 2 Android, Exynos | 2020-03-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (Exynos chipsets) software. load_kernel has a buffer overflow via untrusted data. The Samsung ID is SVE-2019-14939 (September 2019). | |||||
| CVE-2019-20562 | 1 Google | 1 Android | 2020-03-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with P(9.0) (with TEEGRIS) software. There is a buffer overflow in the BIOSUB Trustlet. The Samsung ID is SVE-2019-15264 (October 2019). | |||||
| CVE-2019-20558 | 2 Google, Samsung | 2 Android, Exynos | 2020-03-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a Buffer Overflow in the Touch Screen Driver. The Samsung ID is SVE-2019-14990 (October 2019). | |||||
| CVE-2020-10835 | 1 Samsung | 1 Exynos | 2020-03-26 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020). | |||||
| CVE-2020-10850 | 1 Google | 1 Android | 2020-03-26 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 (January 2020). | |||||
| CVE-2019-20545 | 1 Google | 1 Android | 2020-03-26 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) software. A buffer overflow in the HDCP Trustlet affects secure TEEGRIS memory. The Samsung ID is SVE-2019-15283 (November 2019). | |||||