Vulnerabilities (CVE)

Filtered by CWE-120
Total 2385 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-24995 1 Ffmpeg 1 Ffmpeg 2023-11-07 4.6 MEDIUM 7.8 HIGH
Buffer overflow vulnerability in sniff_channel_order function in aacdec_template.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code (local).
CVE-2020-24295 1 Freeimage Project 1 Freeimage 2023-11-07 N/A 8.8 HIGH
Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file.
CVE-2020-24293 1 Freeimage Project 1 Freeimage 2023-11-07 N/A 8.8 HIGH
Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file.
CVE-2020-24292 1 Freeimage Project 1 Freeimage 2023-11-07 N/A 8.8 HIGH
Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file.
CVE-2020-24020 1 Ffmpeg 1 Ffmpeg 2023-11-07 6.5 MEDIUM 8.8 HIGH
Buffer Overflow vulnerability in FFMpeg 4.2.3 in dnn_execute_layer_pad in libavfilter/dnn/dnn_backend_native_layer_pad.c due to a call to memcpy without length checks, which could let a remote malicious user execute arbitrary code.
CVE-2020-22219 1 Flac Project 1 Flac 2023-11-07 N/A 7.8 HIGH
Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.
CVE-2020-22020 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicious user cause a Denial of Service.
CVE-2020-21426 1 Freeimage Project 1 Freeimage 2023-11-07 N/A 7.8 HIGH
Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.
CVE-2020-18032 3 Debian, Fedoraproject, Graphviz 3 Debian Linux, Fedora, Graphviz 2023-11-07 6.8 MEDIUM 7.8 HIGH
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.
CVE-2020-16302 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2023-11-07 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16301 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2023-11-07 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16298 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2023-11-07 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16294 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2023-11-07 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16288 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2023-11-07 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-14354 2 C-ares, Fedoraproject 2 C-ares, Fedora 2023-11-07 2.1 LOW 3.3 LOW
A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulnerability is to this service availability.
CVE-2020-12823 4 Debian, Fedoraproject, Infradead and 1 more 4 Debian Linux, Fedora, Openconnect and 1 more 2023-11-07 7.5 HIGH 9.8 CRITICAL
OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.
CVE-2020-12723 5 Fedoraproject, Netapp, Opensuse and 2 more 16 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 13 more 2023-11-07 5.0 MEDIUM 7.5 HIGH
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
CVE-2020-11984 7 Apache, Canonical, Debian and 4 more 13 Http Server, Ubuntu Linux, Debian Linux and 10 more 2023-11-07 7.5 HIGH 9.8 CRITICAL
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
CVE-2020-10379 3 Canonical, Fedoraproject, Python 3 Ubuntu Linux, Fedora, Pillow 2023-11-07 6.8 MEDIUM 7.8 HIGH
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.
CVE-2020-10188 6 Arista, Debian, Fedoraproject and 3 more 6 Eos, Debian Linux, Fedora and 3 more 2023-11-07 10.0 HIGH 9.8 CRITICAL
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.