Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8266 | 1 Uvnc | 1 Ultravnc | 2020-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is required to trigger these vulnerabilities. These vulnerabilities have been fixed in revision 1208. | |||||
| CVE-2020-0124 | 1 Google | 1 Android | 2020-06-12 | 4.6 MEDIUM | 6.7 MEDIUM |
| In markBootComplete of InstalldNativeService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140237592 | |||||
| CVE-2020-0129 | 1 Google | 1 Android | 2020-06-12 | 4.6 MEDIUM | 7.8 HIGH |
| In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123292010 | |||||
| CVE-2020-0150 | 1 Google | 1 Android | 2020-06-12 | 4.6 MEDIUM | 7.8 HIGH |
| In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142280329 | |||||
| CVE-2020-0217 | 1 Google | 1 Android | 2020-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141331405 | |||||
| CVE-2020-0153 | 1 Google | 1 Android | 2020-06-12 | 4.6 MEDIUM | 6.7 MEDIUM |
| In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139733543 | |||||
| CVE-2020-0165 | 1 Google | 1 Android | 2020-06-12 | 7.2 HIGH | 6.7 MEDIUM |
| In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139532977 | |||||
| CVE-2020-9818 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2020-06-12 | 6.8 MEDIUM | 8.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination. | |||||
| CVE-2020-0155 | 1 Google | 1 Android | 2020-06-11 | 4.6 MEDIUM | 7.8 HIGH |
| In phNxpNciHal_send_ese_hal_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139736386 | |||||
| CVE-2020-9822 | 1 Apple | 1 Mac Os X | 2020-06-11 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2018-15361 | 1 Uvnc | 1 Ultravnc | 2020-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199. | |||||
| CVE-2020-13768 | 1 Minishare Project | 1 Minishare | 2020-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued. | |||||
| CVE-2019-20822 | 2 Foxitsoftware, Microsoft | 2 3d, Windows | 2020-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.7.0.29430. It has an out-of-bounds write via incorrect image data. | |||||
| CVE-2018-14610 | 1 Linux | 1 Linux Kernel | 2020-06-10 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c. | |||||
| CVE-2020-13811 | 1 Foxitsoftware | 1 Foxit Studio Photo | 2020-06-09 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Foxit Studio Photo before 3.6.6.922. It has an out-of-bounds write via a crafted TIFF file. | |||||
| CVE-2019-20825 | 1 Foxitsoftware | 1 Phantompdf | 2020-06-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Foxit PhantomPDF before 8.3.11. It has an out-of-bounds write when Internet Explorer is used. | |||||
| CVE-2019-20827 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space. | |||||
| CVE-2019-7154 | 1 Webassembly | 1 Binaryen | 2020-06-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| The main function in tools/wasm2js.cpp in Binaryen 1.38.22 has a heap-based buffer overflow because Emscripten is misused, triggering an error in cashew::JSPrinter::printAst() in emscripten-optimizer/simple_ast.h. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm2js. | |||||
| CVE-2020-10021 | 1 Zephyrproject | 1 Zephyr | 2020-06-05 | 4.6 MEDIUM | 7.8 HIGH |
| Out-of-bounds Write in the USB Mass Storage memoryWrite handler with unaligned Sizes See NCC-ZEP-024, NCC-ZEP-025, NCC-ZEP-026 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions. | |||||
| CVE-2019-20830 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-05 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has an out-of-bounds write when Internet Explorer is used. | |||||