Export limit exceeded: 21624 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21624 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-24341 | 1 Altran | 2 Picotcp, Picotcp-ng | 2024-11-21 | 9.1 Critical |
| An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Service or an information leak. | ||||
| CVE-2020-24340 | 1 Altran | 2 Picotcp, Picotcp-ng | 2024-11-21 | 7.5 High |
| An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the response data available in the packet, leading to an out-of-bounds read, invalid pointer dereference, and Denial-of-Service. | ||||
| CVE-2020-24339 | 1 Altran | 2 Picotcp, Picotcp-ng | 2024-11-21 | 7.5 High |
| An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet, causing out-of-bounds reads that lead to Denial-of-Service. | ||||
| CVE-2020-24336 | 2 Contiki-ng, Contiki-os | 2 Contiki-ng, Contiki | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitrary length, a buffer overflow can occur. This bug can be exploited whenever NAT64 is enabled. | ||||
| CVE-2020-24335 | 3 Contiki-ng, Contiki-os, Uip Project | 3 Contiki-ng, Contiki, Uip | 2024-11-21 | 7.5 High |
| An issue was discovered in uIP through 1.0, as used in Contiki and Contiki-NG. Domain name parsing lacks bounds checks, allowing an attacker to corrupt memory with crafted DNS packets. | ||||
| CVE-2020-24334 | 3 Contiki-ng, Contiki-os, Uip Project | 3 Contiki-ng, Contiki, Uip | 2024-11-21 | 8.2 High |
| The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses specified in the DNS packet header corresponds to the response data available in the DNS packet, leading to an out-of-bounds read and Denial-of-Service in resolv.c. | ||||
| CVE-2020-24295 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | 8.8 High |
| Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file. | ||||
| CVE-2020-24294 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | 6.5 Medium |
| Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to cuase a denial of service via opening of crafted psd file. | ||||
| CVE-2020-24293 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | 8.8 High |
| Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file. | ||||
| CVE-2020-24292 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | 8.8 High |
| Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file. | ||||
| CVE-2020-24222 | 1 Rockcarry | 1 Ffjpeg | 2024-11-21 | 7.8 High |
| Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN. | ||||
| CVE-2020-24020 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 8.8 High |
| Buffer Overflow vulnerability in FFMpeg 4.2.3 in dnn_execute_layer_pad in libavfilter/dnn/dnn_backend_native_layer_pad.c due to a call to memcpy without length checks, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2020-23931 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.1 High |
| An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read. | ||||
| CVE-2020-23928 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.1 High |
| An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read. | ||||
| CVE-2020-23922 | 2 Apache, Giflib Project | 2 Bookkeeper, Giflib | 2024-11-21 | 7.1 High |
| An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read. | ||||
| CVE-2020-23921 | 1 Fast Ber Project | 1 Fast Ber | 2024-11-21 | 7.1 High |
| An issue was discovered in fast_ber through v0.4. yy::yylex() in asn_compiler.hpp has a heap-based buffer over-read. | ||||
| CVE-2020-23915 | 1 Cpp-peglib Project | 1 Cpp-peglib | 2024-11-21 | 5.5 Medium |
| An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_escape_sequence() in peglib.h has a heap-based buffer over-read. | ||||
| CVE-2020-23909 | 1 Advancemame | 1 Advancemame | 2024-11-21 | 7.1 High |
| Heap-based buffer over-read in function png_convert_4 in file pngex.cc in AdvanceMAME through 2.1. | ||||
| CVE-2020-23902 | 1 Wildbit-soft | 1 Wildbit Viewer | 2024-11-21 | 5.5 Medium |
| A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address may be used as a return value starting at Editor!TMethodImplementationIntercept+0x528a3. | ||||
| CVE-2020-23900 | 1 Wildbit-soft | 1 Wildbit Viewer | 2024-11-21 | 5.5 Medium |
| A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address controls Code Flow starting at Editor!TMethodImplementationIntercept+0x57a3b. | ||||