Total
2385 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-24995 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
Buffer overflow vulnerability in sniff_channel_order function in aacdec_template.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code (local). | |||||
CVE-2020-24295 | 1 Freeimage Project | 1 Freeimage | 2023-11-07 | N/A | 8.8 HIGH |
Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file. | |||||
CVE-2020-24293 | 1 Freeimage Project | 1 Freeimage | 2023-11-07 | N/A | 8.8 HIGH |
Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file. | |||||
CVE-2020-24292 | 1 Freeimage Project | 1 Freeimage | 2023-11-07 | N/A | 8.8 HIGH |
Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file. | |||||
CVE-2020-24020 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
Buffer Overflow vulnerability in FFMpeg 4.2.3 in dnn_execute_layer_pad in libavfilter/dnn/dnn_backend_native_layer_pad.c due to a call to memcpy without length checks, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2020-22219 | 1 Flac Project | 1 Flac | 2023-11-07 | N/A | 7.8 HIGH |
Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder. | |||||
CVE-2020-22020 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicious user cause a Denial of Service. | |||||
CVE-2020-21426 | 1 Freeimage Project | 1 Freeimage | 2023-11-07 | N/A | 7.8 HIGH |
Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file. | |||||
CVE-2020-18032 | 3 Debian, Fedoraproject, Graphviz | 3 Debian Linux, Fedora, Graphviz | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component. | |||||
CVE-2020-16302 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51. | |||||
CVE-2020-16301 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
CVE-2020-16298 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
CVE-2020-16294 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
CVE-2020-16288 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
CVE-2020-14354 | 2 C-ares, Fedoraproject | 2 C-ares, Fedora | 2023-11-07 | 2.1 LOW | 3.3 LOW |
A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulnerability is to this service availability. | |||||
CVE-2020-12823 | 4 Debian, Fedoraproject, Infradead and 1 more | 4 Debian Linux, Fedora, Openconnect and 1 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c. | |||||
CVE-2020-12723 | 5 Fedoraproject, Netapp, Opensuse and 2 more | 16 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 13 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. | |||||
CVE-2020-11984 | 7 Apache, Canonical, Debian and 4 more | 13 Http Server, Ubuntu Linux, Debian Linux and 10 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE | |||||
CVE-2020-10379 | 3 Canonical, Fedoraproject, Python | 3 Ubuntu Linux, Fedora, Pillow | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. | |||||
CVE-2020-10188 | 6 Arista, Debian, Fedoraproject and 3 more | 6 Eos, Debian Linux, Fedora and 3 more | 2023-11-07 | 10.0 HIGH | 9.8 CRITICAL |
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. |