Export limit exceeded: 45484 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45484 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36331 | 5 Apple, Debian, Netapp and 2 more | 6 Ipados, Iphone Os, Debian Linux and 3 more | 2024-11-21 | 9.1 Critical |
| A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability. | ||||
| CVE-2020-36330 | 5 Apple, Debian, Netapp and 2 more | 6 Ipados, Iphone Os, Debian Linux and 3 more | 2024-11-21 | 9.1 Critical |
| A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. | ||||
| CVE-2020-36325 | 1 Jansson Project | 1 Jansson | 2024-11-21 | 7.5 High |
| An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification | ||||
| CVE-2020-36323 | 3 Fedoraproject, Redhat, Rust-lang | 4 Fedora, Devtools, Enterprise Linux and 1 more | 2024-11-21 | 8.2 High |
| In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. | ||||
| CVE-2020-36317 | 2 Redhat, Rust-lang | 3 Devtools, Enterprise Linux, Rust | 2024-11-21 | 7.5 High |
| In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string. | ||||
| CVE-2020-36316 | 1 Relic Project | 1 Relic | 2024-11-21 | 5.5 Medium |
| In RELIC before 2021-04-03, there is a buffer overflow in PKCS#1 v1.5 signature verification because garbage bytes can be present. | ||||
| CVE-2020-36281 | 4 Debian, Fedoraproject, Leptonica and 1 more | 4 Debian Linux, Fedora, Leptonica and 1 more | 2024-11-21 | 7.5 High |
| Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c. | ||||
| CVE-2020-36280 | 2 Fedoraproject, Leptonica | 2 Fedora, Leptonica | 2024-11-21 | 7.5 High |
| Leptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c. | ||||
| CVE-2020-36279 | 4 Debian, Fedoraproject, Leptonica and 1 more | 4 Debian Linux, Fedora, Leptonica and 1 more | 2024-11-21 | 7.5 High |
| Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c. | ||||
| CVE-2020-36278 | 4 Debian, Fedoraproject, Leptonica and 1 more | 4 Debian Linux, Fedora, Leptonica and 1 more | 2024-11-21 | 7.5 High |
| Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c. | ||||
| CVE-2020-36242 | 4 Cryptography.io, Fedoraproject, Oracle and 1 more | 6 Cryptography, Fedora, Communications Cloud Native Core Network Function Cloud Native Environment and 3 more | 2024-11-21 | 9.1 Critical |
| In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class. | ||||
| CVE-2020-36228 | 3 Apple, Debian, Openldap | 3 Macos, Debian Linux, Openldap | 2024-11-21 | 7.5 High |
| An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service. | ||||
| CVE-2020-36226 | 3 Apple, Debian, Openldap | 4 Mac Os X, Macos, Debian Linux and 1 more | 2024-11-21 | 7.5 High |
| A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. | ||||
| CVE-2020-36223 | 3 Apple, Debian, Openldap | 4 Mac Os X, Macos, Debian Linux and 1 more | 2024-11-21 | 7.5 High |
| A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). | ||||
| CVE-2020-36221 | 3 Apple, Debian, Openldap | 4 Mac Os X, Macos, Debian Linux and 1 more | 2024-11-21 | 7.5 High |
| An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). | ||||
| CVE-2020-36173 | 1 Ninjaforms | 1 Ninja Forms | 2024-11-21 | 5.3 Medium |
| The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields. | ||||
| CVE-2020-36158 | 5 Debian, Fedoraproject, Linux and 2 more | 7 Debian Linux, Fedora, Linux Kernel and 4 more | 2024-11-21 | 8.8 High |
| mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332. | ||||
| CVE-2020-36152 | 2 Fedoraproject, Symonics | 2 Fedora, Libmysofa | 2024-11-21 | 8.8 High |
| Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA. | ||||
| CVE-2020-36150 | 2 Fedoraproject, Symonics | 2 Fedora, Libmysofa | 2024-11-21 | 6.5 Medium |
| Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block. | ||||
| CVE-2020-36134 | 1 Aomedia | 1 Aomedia | 2024-11-21 | 6.5 Medium |
| AOM v2.0.1 was discovered to contain a segmentation violation via the component aom_dsp/x86/obmc_sad_avx2.c. | ||||