Export limit exceeded: 43972 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43972 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-12002 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. | ||||
| CVE-2020-11984 | 8 Apache, Canonical, Debian and 5 more | 16 Http Server, Ubuntu Linux, Debian Linux and 13 more | 2024-11-21 | 9.8 Critical |
| Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE | ||||
| CVE-2020-11958 | 2 Canonical, Re2c | 2 Ubuntu Linux, Re2c | 2024-11-21 | 7.8 High |
| re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme. | ||||
| CVE-2020-11947 | 2 Qemu, Redhat | 3 Qemu, Advanced Virtualization, Enterprise Linux | 2024-11-21 | 3.8 Low |
| iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker. | ||||
| CVE-2020-11945 | 6 Canonical, Debian, Fedoraproject and 3 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials). | ||||
| CVE-2020-11940 | 1 Ntop | 1 Ndpi | 2024-11-21 | 7.5 High |
| In nDPI through 3.2 Stable, an out-of-bounds read in concat_hash_string in ssh.c can be exploited by a network-positioned attacker that can send malformed SSH protocol messages on a network segment monitored by nDPI's library. | ||||
| CVE-2020-11939 | 1 Ntop | 1 Ndpi | 2024-11-21 | 9.8 Critical |
| In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI library's heap memory through remote input, this vulnerability may be abused to achieve full Remote Code Execution against any network inspection stack that is linked against nDPI and uses it to perform network traffic analysis. | ||||
| CVE-2020-11915 | 1 Svakom | 3 Siime Eye, Siime Eye Firmware, Svakom Siime Eye Firmware | 2024-11-21 | 6.8 Medium |
| An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. By sending a set_params.cgi?telnetd=1&save=1&reboot=1 request to the webserver, it is possible to enable the telnet interface on the device. The telnet interface can then be used to obtain access to the device with root privileges via a reecam4debug default password. This default telnet password is the same across all Siime Eye devices. In order for the attack to be exploited, an attacker must be physically close in order to connect to the device's Wi-Fi access point. | ||||
| CVE-2020-11914 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 4.3 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read. | ||||
| CVE-2020-11913 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 5.3 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | ||||
| CVE-2020-11912 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 5.3 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read. | ||||
| CVE-2020-11906 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 6.3 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow. | ||||
| CVE-2020-11905 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 6.5 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read. | ||||
| CVE-2020-11903 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 6.5 Medium |
| The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read. | ||||
| CVE-2020-11902 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 7.3 High |
| The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read. | ||||
| CVE-2020-11901 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 9.0 Critical |
| The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response. | ||||
| CVE-2020-11898 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 9.1 Critical |
| The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak. | ||||
| CVE-2020-11896 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 10.0 Critical |
| The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. | ||||
| CVE-2020-11895 | 1 Libming | 1 Libming | 2024-11-21 | 9.1 Critical |
| Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c. | ||||
| CVE-2020-11894 | 1 Libming | 1 Libming | 2024-11-21 | 9.1 Critical |
| Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c. | ||||