Export limit exceeded: 20236 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20236 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36199 | 1 Kaspersky | 1 Tinycheck | 2024-11-21 | 9.8 Critical |
| TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command injection due to insufficient checks of input parameters in several places. | ||||
| CVE-2020-36198 | 1 Qnap | 1 Malware Remover | 2024-11-21 | 6.7 Medium |
| A command injection vulnerability has been reported to affect certain versions of Malware Remover. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Malware Remover versions prior to 4.6.1.0. This issue does not affect: QNAP Systems Inc. Malware Remover 3.x. | ||||
| CVE-2020-36178 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2024-11-21 | 9.8 Critical |
| oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oal_ipt_addBridgeIsolationRules is not the only function that calls util_execSystem. | ||||
| CVE-2020-36177 | 1 Wolfssl | 1 Wolfssl | 2024-11-21 | 9.8 Critical |
| RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size. | ||||
| CVE-2020-36151 | 2 Fedoraproject, Symonics | 2 Fedora, Libmysofa | 2024-11-21 | 6.5 Medium |
| Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block. | ||||
| CVE-2020-36131 | 1 Aomedia | 1 Aomedia | 2024-11-21 | 8.8 High |
| AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/rate_hist.c. | ||||
| CVE-2020-36129 | 1 Aomedia | 1 Aomedia | 2024-11-21 | 8.8 High |
| AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c. | ||||
| CVE-2020-35979 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c. | ||||
| CVE-2020-35965 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-11-21 | 7.5 High |
| decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations. | ||||
| CVE-2020-35964 | 2 Ffmpeg, Linux | 2 Ffmpeg, Linux Kernel | 2024-11-21 | 6.5 Medium |
| track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing. | ||||
| CVE-2020-35963 | 2 Linux, Treasuredata | 2 Linux Kernel, Fluent Bit | 2024-11-21 | 7.8 High |
| flb_gzip_compress in flb_gzip.c in Fluent Bit before 1.6.4 has an out-of-bounds write because it does not use the correct calculation of the maximum gzip data-size expansion. | ||||
| CVE-2020-35924 | 1 Try-mutex Project | 1 Try-mutex | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the try-mutex crate before 0.3.0 for Rust. TryMutex<T> allows cross-thread sending of a non-Send type. | ||||
| CVE-2020-35895 | 1 Stack Project | 1 Stack | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the stack crate before 0.3.1 for Rust. ArrayVec has an out-of-bounds write via element insertion. | ||||
| CVE-2020-35881 | 1 Traitobject Project | 1 Traitobject | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x. | ||||
| CVE-2020-35859 | 1 Lucet-runtime-internals Project | 1 Lucet-runtime-internals | 2024-11-21 | 9.1 Critical |
| An issue was discovered in the lucet-runtime-internals crate before 0.5.1 for Rust. It mishandles sigstack allocation. Guest programs may be able to obtain sensitive information, or guest programs can experience memory corruption. | ||||
| CVE-2020-35858 | 1 Prost Project | 1 Prost | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service (e.g., x86) or possibly remote code execution (e.g., ARM). | ||||
| CVE-2020-35851 | 1 Hgiga | 2 Msr45 Isherlock-user, Ssr45 Isherlock-user | 2024-11-21 | 8.1 High |
| HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch Command inject attacks remotely and execute arbitrary commands of the system. | ||||
| CVE-2020-35845 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 7.8 High |
| FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf. | ||||
| CVE-2020-35844 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 7.8 High |
| FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4. | ||||
| CVE-2020-35843 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 5.5 Medium |
| FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x956e. | ||||