Total
9529 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-0986 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316. | |||||
| CVE-2019-20563 | 1 Google | 1 Android | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. The SEC_FR trustlet has an out of bounds write. The Samsung ID is SVE-2019-15272 (October 2019). | |||||
| CVE-2020-0517 | 1 Intel | 1 Graphics Driver | 2023-12-10 | 4.6 MEDIUM | 5.3 MEDIUM |
| Out-of-bounds write in Intel(R) Graphics Drivers before version 15.36.38.5117 may allow an authenticated user to potentially enable escalation of privilege or denial of service via local access. | |||||
| CVE-2020-6331 | 1 Sap | 1 3d Visual Enterprise Viewer | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||
| CVE-2020-15588 | 1 Zohocorp | 1 Manageengine Desktop Central | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.552.W. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-based buffer overflow and Remote Code Execution with SYSTEM privileges. This issue will occur only when untrusted communication is initiated with server. In cloud, Agent will always connect with trusted communication. | |||||
| CVE-2020-7454 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was built into the module. | |||||
| CVE-2020-9637 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects versions 17.1 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2020-0153 | 1 Google | 1 Android | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139733543 | |||||
| CVE-2020-13916 | 1 Ruckuswireless | 25 C110, E510, H320 and 22 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | |||||
| CVE-2019-17603 | 1 Asus | 1 Aura Sync | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate input to IOCTL 0x80102044, 0x80102050, and 0x80102054, which allows local users to cause a denial of service (system crash) or gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption. | |||||
| CVE-2017-18758 | 1 Netgear | 6 R6700, R6700 Firmware, R6800 and 3 more | 2023-12-10 | 5.2 MEDIUM | 8.0 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2020-3786 | 3 Adobe, Apple, Microsoft | 4 Photoshop 2020, Photoshop Cc, Macos and 1 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-10609 | 1 Qualcomm | 110 Apq8009, Apq8009 Firmware, Apq8017 and 107 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Out of bound write can happen due to lack of check of array index value while calculating it. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | |||||
| CVE-2020-25489 | 1 Sqreen | 1 Python Mini Racer | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) before 0.3.0 allows remote attackers to potentially exploit heap corruption. | |||||
| CVE-2020-14331 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-12-10 | 7.2 HIGH | 6.6 MEDIUM |
| A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2020-9830 | 1 Apple | 3 Ipados, Iphone Os, Mac Os X | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2018-21163 | 1 Netgear | 40 Dgn2200, Dgn2200 Firmware, Dgn2200b and 37 more | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6300v2 before 1.0.4.22, R6900P before 1.3.0.18, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.52, and WNDR3400v3 before 1.0.1.18. | |||||
| CVE-2019-20566 | 1 Samsung | 1 Exynos Smp1300 | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with any (before September 2019 for SMP1300 Exynos modem chipsets) software. Attackers can trigger stack corruption in the Shannon modem via a crafted RP-Originator/Destination address. The Samsung ID is SVE-2019-14858 (September 2019). | |||||
| CVE-2020-16287 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
| CVE-2020-6094 | 1 Accusoft | 1 Imagegear | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the TIFF fillinraster function of the igcore19d.dll library of Accusoft ImageGear 19.4, 19.5 and 19.6. A specially crafted TIFF file can cause an out-of-bounds write, resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||